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DETAILED ACTION 
Claim Rejections - 35 USC § 112 

1 . The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

2. Claim 17 is rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

3. The term "slow stream" in claim 17 is a relative term which renders the claim indefinite. 
The term "slow stream" is not defined by the claim, the specification does not provide a standard 
for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably 
apprised of the scope of the invention. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

5. Claims 1-2, 4-9, 1 1-13 and 17-18 are rejected under 35 U.S.C. 102(b) as being 
anticipated by U.S. Patent Number 5,673,322 to Pepe et al.. 

6. As to claim 1, Pepe teaches a reverse proxy network communication scheme comprising: 
a proxy agent located inside a protected network addressable by a least one internal network 
device, the proxy agent establishing outgoing network connections (col. 8, lines 16-25); a 
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security device through which all traffic between the protected network and external networks 
must travel, the security device permitting at least outgoing connections via at least one 
predetermined network protocol (col. 8, lines 16-25); an external proxy server outside the 
protected network and reachable by the proxy agent via outgoing network connections through 
the security device, the external proxy server also being addressable by at least one external 
network device, thereby allowing communication between the at least one external network 
device and the at least one internal network device (col. 8, lines 6-15). 

7. As to claim 2, Pepe teaches the scheme of claim 1 wherein the at least one predetermined 
network protocol is HTTP (col. 7, lines 47-57). 

8. As to claim 4, Pepe teaches the scheme of claim 1 wherein the external proxy server is in 
communication with at least one other network, receives, and stores data addressed to the at least 
one internal network device (col. 8, lines 6-15). 

9. As to claim 5, Pepe teaches the scheme of claim 4, wherein the proxy agent polls the 
external proxy server to check for data addressed to the at least one internal network device (col. 
8, lines 26-60). 

10. As to claim 6, Pepe teaches the scheme of claim 5 wherein the proxy agent downloads 
data addressed to the at least one internal network device form the external proxy server and 
forwards the data to the at least one internal network device (col. 8, lines 26-60). 

11. As to claim 7, Pepe teaches the scheme of claim 4 wherein the external proxy server 
ensures proper cookie routing (col. 8, lines 26-60). 
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12. As to claim 8, Pepe teaches the scheme of claim 1, wherein the proxy agent forwards 
outgoing data to the external proxy server, which transmits the data to the at least one external 
network device (col. 8, lines 6-15). 

13. As to claim 9, Pepe teaches a method of accessing an internal network device on a 
protected network, the network including a security device, the method comprising: storing data 
addressed to the internal network device in an external proxy server (col. 8, lines 26-60); 
maintaining a proxy agent on the protected network, the proxy agent executing the step of: 
polling the external proxy server for data addressed to the internal network device (col. 8, lines 
26-60); forwarding to the internal network device any data on the external proxy server and 
addressed to the internal network device (col. 8, lines 26-60); and forwarding to the external 
proxy server any data addressed to an external device in communication with the external proxy 
server (col. 8, lines 6-15). 

14. As to claim 11, Pepe teaches the method of claim 9 further comprising communicating by 
the internal network device with the external proxy server using a first network protocol and the 
external network device communicates with the external proxy server using a second network 
protocol (col. 8, lines 16-25). 

15. As to claim 12, Pepe teaches the method of claim 1 1 wherein data addressed to the 
internal network device using the second network protocol is transmitted to the internal device 
using the first network protocol so that the second network protocol is carried to the internal 
network device inside the first network protocol (col. 8, lines 16-25). 
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16. As to claim 13, Pepe teaches the method of claim 9 further including multiplexing 
multiple requests from the proxy agent to the external proxy server through the same connection 
(col. 8, lines 26-60). 

17. As to claim 17, Pepe teaches the method of claim 9 wherein polling comprises 
connecting the external proxy server to check for pending traffic; returning a stream of spurious 
bytes ignored by the proxy agent if there is nothing pending (col. 8, lines 26-60); immediately 
transmitting data form the external proxy server to the proxy agent when the external proxy 
server receives data form a client, thus closing the connection to flush any buffering performed 
by intervening proxy servers (col. 8, lines 26-60). 

1 8. As to claim 1 8, Pepe teaches the method of claim 9 wherein communication between the 
proxy agent and the external proxy server is encrypted (col. 10, lines 29-37). 

Claim Rejections - 35 USC § 103 

19. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

20. Claims 3, 19-20, and 22-23 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent Number 5,673,322 to Pepe et al. in view of U.S. Patent Number 6,510,464 to 
Grantges, Jr. et al. 

21. As to claim 3, Pepe teaches the scheme of claim 1, however Pepe does not explicitly 
teach a scheme with an outgoing proxy server. 
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Grantges teaches a scheme including an outgoing proxy server in communication with a 
proxy agent and which the proxy agent uses to establish outgoing connections (col. 4, lines 7- 
22). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Pepe regarding the use of a proxy agent to 
contact an external proxy with the teachings of Grantges regarding the use of an outgoing proxy 
server because an outgoing proxy server improves system performance (Grantges, col. 2, line 55- 
col. 3, line 4). 

22. As to claim 19, Pepe teaches the scheme of claim 1, however Pepe does not explicitly 
teach a scheme with encryption using SSL for HTTP. 

Grantges teaches a scheme for encryption using SSL for HTTP (col. 4, lines 23-32). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of thie invention to combine the teachings of Pepe regarding the use of a proxy agent to 
contact an external proxy with the teachings of Grantges regarding the use of SSL for HTTP 
because SSL provides secure and fast messaging (Grantges, col. 4, lines 23-32). 

23. As to claim 20, Grantges teaches a method wherein a proxy agent and an external proxy 
server require X.509 certificates (col 6, lines 12-27). 

24. As to claim 22, Pepe teaches the scheme of claim 1, however Pepe does not explicitly 
teach a scheme for providing network administrators control over the ability to allow and deny 
etnry on a per session basis. 
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Grantges teaches a method for providing network administrators control over the system 
including granting administrators the ability to allow and deny entry into the protected network 
on a per session basis (col. 7, line 63-col. 8, line 14). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Pepe regarding the use of a proxy agent to 
contact an external proxy with the teachings of Grantges regarding control by administrators of 
sessions because such control allows administrators the control user authentication (Grantges, 
col. 7, line 63-col. 8, line 14). 

25. As to claim 23, Grantges teaches a method wherein access is conferred by granting a key 
with a predetermined life span (col. 7, lines 63-col. 8, line 14). 

26. Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent 
Number 5,673,322 to Pepe et al. in view of U.S. Patent Number 6,621,827 to Rezvani et al.. 

27. As to claim 10, Pepe teaches the method of claim 9; however Pepe does not explicitly 
teach polling the external proxy server at regular intervals. 

Rezvani teaches polling an external proxy server at regular intervals (col. 15, lines 25- 

37). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Pepe regarding the use of a proxy agent to 
contact an external proxy with the teachings of Rezvani regarding polling at regular intervals 
because data may be waiting for a client at any time (Rezvani, col. 15, lines 25-37). 

28. Claims 14-16 are rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent 
Number 5,673,322 to Pepe et al. in view of U.S. Patent Number 5,826,014 to Coley et al.. 
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29. As to claim 14, Pepe teaches the method of claim 9, however Pepe does not explicitly 
teaching mapping ports to proxy agents. 

Coley teaches a method of maintaining by an external proxy server maps between local 
TCP/IP ports of the external proxy server and private IP addresses on a protected network, the 
maps being distinguished by an identity of the proxy agent used to access them (col. 7, lines 35- 
63). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Pepe regarding the use of a proxy agent to 
contact an external proxy with the teachings of Coley regarding the mapping of ports to proxy 
agents because mapping a proxy agent to a particular port increases processing efficiency (Coley, 
col 7, lines 51-54). 

30. As to claim 15, Coley teaches a method of publishing by each proxy agent a list of 
addresses it can reach to an external proxy server, the external proxy server using this list to 
create a respective map between local ports and proxy agents (col. 9, lines 33-60). 

31. As to claim 16, Pepe teaches a method of ensuring cookie delivery (col. 8, lines 26-60). 

32. Claim 21 is rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent 
Number 5,673,322 to Pepe et al. in view of International Application WO 00/68823 by Lawrence 
et al.. 

33. As to claim 21, Pepe teaches the method of claim 9, however Pepe does not teach 
rewriting cookies. 
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Lawrence teaches a method of rewriting cookies with unique identifiers to prevent 
inadvertent transmission of private information to an incorrect recipient on the protected network 
(page 2, line 19-page 3, line 7). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Pepe regarding the use of a proxy agent to 
contact an external proxy with the teachings of Lawrence regarding the rewriting of cookies 
because rewriting cookies protects the identifies of surfers (Lawrence, page 1, lines 14-19). 



34. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Douglas B Blair whose telephone number is 703-305-5267. The 
examiner can normally be reached on 8:30am-5pm Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jack Harvey can be reached on 703-305-9705. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Conclusion 
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